Security token verification

Enable token verification to ask all remote agents to provide the token during the initial contact with the Bamboo server. Once you enable the verification, all agents that try to connect to Bamboo without the token are rejected before leaving any trail in Bamboo. By default, the feature is disabled for Bamboo Server.

This feature doesn't affect elastic agents.

Enabling security token verification

When you enable the verification, all agents that already authenticated and connected continue to work. In other words, no running builds should be stopped or broken when the feature gets enabled. However, on server restart or agent restart each agent is required to have a correct token.

There are problems with backwards compatibility. If the feature is enabled, old agents (from older Bamboo versions) will not be able to connect. Users need to download the new agent JAR.

Viewing the current security token

Each time the feature gets enabled, a new security token is generated, which means that disabling and re-enabling security token verification can be used to reset the token.

注意

If the agent's IP address changes, perhaps because DHCP is being used, then you will have to reapprove the agent when it next tries to connect using that different IP address.

If you revoke access for a connected agent, the agent will remain connected and will continue to run. However, if the agent is subsequently restarted, it will not be able to connect.

If you enable remote agent authentication, having previously revoked access for connected agents and disabled remote agent authentication, then you get the option to approve access for all connected agents at once. If you don't approve this, the agents stay connected and continue to run, but you will need to manually approve them when they next try to connect.